While the decision to move to the cloud rarely involves them, supporting end-user issues often falls to the network team. Migrating an application to a Virtual Private Cloud (VPC) could leave engineers in the dark, lacking visibility and insight to diagnose and resolve user issues. The good news is that with a bit of planning and some lateral thinking, we can still use packets to see into the cloud.
Complexity
There are two main factors affecting our ability to analyse network traffic in a cloud environment. The first is component location:
Single Cloud - all components are hosted in a single VPC
Multicloud - where application components are hosted by more than one cloud provider
Hybrid - where some application components are retained onsite
The second complicating factor is the type of hosting or platform service used. These service types become progressively more abstract. Using Amazon Web Service (AWS) offerings as an illustration:
EC2 i3.metal - a bare metal server offering for customers with particular needs
EC2 - a virtual machine running Linux or Windows
Fargate - a managed Docker container service
Elastic Beanstalk - a managed application server
Lambda - serverless code execution
As we progress down the list we get further away from the underlying infrastructure. The situation is further complicated because as we move down this list there is a big increase in the dynamic nature of the application execution. Docker containers will start on one machine and may then move to another, and who knows where your Lambda application will run.
Is Packet Capture Needed?
Based on our experience at Advance7, the short answer is yes - packet capture is still needed. The cloud platform provides helpful tools but there are gaps. Here are three examples where we have needed packet captures:
Troubleshooting a web application performance problem caused by exceeding a remote file system quota
Troubleshooting slow execution of a Business Intelligence (BI) system running in a hybrid configuration
Determining why first access to a containerised workflow application threw 502 Gateway Timeout errors
Viavi Wireshark Week
Wireshark Week is a full week of webinars designed just for Wireshark users. This year, I'll be presenting alongside Chris Greer and Ross Bagurdes.
In my session I'll share strategies for using Wireshark in cloud situations to regain control of performance. We'll look at the practicalities of network packet capture and how this data can be supplemented with other information. We'll also look at using Wireshark traces to troubleshooting problems with SaaS applications such as Office 365 and Salesforce.
See https://wiresharkweek.viavisolutions.com/ for details of speakers and subjects.